Run cfservd on the master server using the --no-fork (-F)
and the --verbose (-v) options. This will provide
useful information for any troubleshooting efforts.
You may see authentication errors.
When performing a "cfagent -K" operation, the following
messages are displayed:
cfengine:: BAD: key could not be accepted on trust
cfengine:: Authentication dialogue with master-server.
abc.xyz.com failed
cfengine:client:/var/opt/dsau/cfengine/inputs/update.conf:194: Warning:
actionsequence is empty
cfengine:client:/var/opt/dsau/cfengine/inputs/update.conf:194: Warning: perhaps
cfagent.conf/update.conf have not yet been set up? |
This problem is most likely due to the cfengine security setup. To resolve the problem, you will need to exchange
cfengine public keys between the managed client and master server.
The csync_wizard (see csync_wizard(8)) automates this process when adding clients. See the section “Configuring a Synchronization Managed Client” for instructions
on manually distributing keys to managed clients.
“Warning: actionsequence
is empty” errors
Use the cfagent -v option to get more information. One possible
cause of this message is that update.conf has
not been added to the client’s /var/opt/dsau/cfengine/inputs directory.
Syntax error due to missing
or superfluous spaces
#cfagent -K
cfengine::/var/opt/dsau/cfengine/inputs/update.conf:39: syntax error
cfengine::/var/opt/dsau/cfengine/inputs/update.conf:
Execution terminated after parsing due to errors in program |
In the first line of the example above, cfengine
is reporting a syntax error on line
39 of the file update.conf. The error reported
may be caused by a space in line 38, the previous line in the file update.conf.
Check for extra spaces in
the configuration files. As a general rule, using spaces can improve
readability. One common problem is missing spaces within parentheses.
For example, a function should have no space between the function
name and its leading parenthesis but the function itself requires
leading and trailing spaces within its enclosing parentheses. For
example, the following snippet shows the use of required leading and
trailing spaces for the function ExecResult.
control:
my_variable = ( ExecResult(/bin/ls -l) ) |
Unable to connect to a
cfengine client or master.
cfrun(0): .......... [ Hailing host1 ] ..........
cfrun(0): .......... [ Hailing host2 ] ..........
cfrun:host2: Couldn’t open a socket
cfrun:host2: socket: Connection refused |
Check that the cfservd daemon
on host2 is configured and running.
Use /sbin/init.d/cfservd
start to start cfservd if it is not running.
“Can’t stat” messages
When running using
either cfrun or cfagent, you
might get “can’t stat” errors. For example,
host1: Can’t stat
/var/opt/dsau/cfengine_master/master_files/etc/test in copy |
Check your master file repository and ensure that
the file in question is available and has the right permissions.
“Couldn’t
open a socket ” or “unable to establish connection:” errors
cfagent and cfrun can display errors such as:
cfengine:: Couldn’t open a socket
cfengine:: Unable to establish connection with host1 (failover)
host2: Couldn’t open a socket |
If the master server cfservd is running, this error could indicate that a there is a firewall
or port issue such that the client cannot reach port TCP 5308 on the master
server. When using cfrun, the master server must
also be able to reach TCP port 5308 on the remote client. Ensure that
any firewall rules allow access to these ports.
cfengine command line
arguments are case-sensitive. For example, cfagent supports both the -k and -K options which have different meanings:
-k instructs cfagent to ignore the copy actionsequence
-K instructs cfagent to ignore locks when running
How do I make cfengine
more verbose?
Most cfengine tools
and daemons accept a verbose (-v) option and several
debugging (-d) options. For example:
cfagent -d, -d1, -d2, or -d3
cfservd -v
cfrun -v |
Printable version
